github/containerd
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Add RunAsUsername support.

Browse Source 
Signed-off-by: Lantao Liu <lantaol@google.com>
This commit is contained in:
Lantao Liu
2017-08-25 00:36:25 +00:00
parent e1f74f00a5
commit a80df151d1
5 changed files with 30 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
pkg/server/container_create_test.go
View File

@@ -91,6 +91,7 @@ func getCreateContainerTestData() (*runtime.ContainerConfig, *runtime.PodSandbox
},
SupplementalGroups: []int64{1111, 2222},
NoNewPrivs: true,
RunAsUser: &runtime.Int64Value{Value: 255},
},
},
}
@@ -143,6 +144,9 @@ func getCreateContainerTestData() (*runtime.ContainerConfig, *runtime.PodSandbox
assert.NotContains(t, spec.Process.Capabilities.Permitted, "CAP_CHOWN")
assert.NotContains(t, spec.Process.Capabilities.Ambient, "CAP_CHOWN")
t.Logf("Check uid")
assert.EqualValues(t, spec.Process.User.UID, 255)
t.Logf("Check supplemental groups")
assert.Contains(t, spec.Process.User.AdditionalGids, uint32(1111))
assert.Contains(t, spec.Process.User.AdditionalGids, uint32(2222))